Privacy Policy

Version 1.0 · Effective date: June 2, 2026

Cordespace Inc. (“Cordespace”, “we”, “our”) is committed to protecting the personal information of individuals who interact with its services. This policy describes our practices regarding the collection, use, disclosure and protection of your personal information, in accordance with Quebec’s Act respecting the protection of personal information in the private sector (CQLR, c. P-39.1), as amended by Bill 25 (hereinafter the “Private Sector Act“).

1 Identity and Contact Details

Cordespace inc.

276, rue Christophe-Colomb Est, local 300
Québec (Québec) G1K 3T2

Email: info@cordespace.com

2 Data Protection Officer

In accordance with the Private Sector Act, Cordespace has appointed a person responsible for the protection of personal information:

Marie-Eve Tremblay — Email: info@cordespace.com

Any questions, requests for access, rectification or withdrawal of consent, or complaints may be addressed to this person.

3 Information Collected

We collect the following information:

  • Identification: name (real name or pseudonym — pseudonyms are accepted and recommended), confirmation of legal age (18 years or older).
  • Contact details: email address, postal address and telephone number (optional).
  • Registration information: Activities you participate in, transaction history, ticket QR codes.
  • Linked accounts: in some cases (for example, people who are both customers and teachers), the same person may have two accounts linked to each other. This link is maintained to facilitate navigation and the management of registrations.
  • Payment information: we do not store your bank details. Cash payments are processed on site. Interac transfers are processed by your financial institution. Once the credit card payment platform is operational, data will be processed by the payment processor and will not be stored on our servers.
  • Communications: email exchanges and forms.
  • Technical data: IP address, browser type (“user agent”), date and time of significant actions (account creation, document signing, login).
  • Signed documents: signed versions of the liability waiver (or other required document), date, version identifier and associated technical metadata (IP, browser), retained for legal evidence purposes in accordance with the Act to establish a legal framework for information technology (LCCJTI).

4 Purpose of Data Collection

Your information is used for:

  • Managing your registration and participation in Activities.
  • Communicating with you (confirmations, reminders, course notes, monthly newsletter).
  • Processing payments, refunds and ticket transfers.
  • Ensuring safety and compliance with the Code of Conduct.
  • Keeping a record of signed documents for evidence purposes.
  • Complying with our legal, accounting and tax obligations.

5 Consent

Your consent is required prior to any data collection. By registering, signing the liability waiver (or any other participation document) or creating an account, you consent to the collection and use of data as described above. You may withdraw your consent at any time, subject to applicable legal and contractual obligations.

6 Disclosure to Third Parties and Hosting

Your personal data may be processed by:

  • Our web host: our website’s database (accounts, registrations, transactions, signed documents) is hosted by our web hosting provider. Cordespace is committed to selecting a host that offers security guarantees in line with current standards.
  • MailerLite: for sending our monthly newsletter, once you have subscribed. Only your email address and subscription status are processed. You can unsubscribe at any time via the link included in each email.
  • Our future credit card payment processor (to be announced once it goes live).
  • Any technical provider strictly necessary for the platform to function.

The Amelia (event management) and WooCommerce (online shop) software modules are installed on our own website: they do not store your data outside our server.

We do not sell or rent your personal information.

7 Retention Period

We retain your information for as long as is necessary for the purposes described:

  • Account information: for as long as your account remains active.
  • Signed documents (liability waivers or other): six (6) years, for evidential purposes, in accordance with the applicable civil limitation period and the requirements of the LCCJTI.
  • Transaction history: six (6) years, in accordance with accounting and tax obligations.
  • Communications: two (2) years after the last exchange.
  • Technical data (IP logs, user-agent) related to signatures: retained for the same period as the signatures themselves (six years).

Once these periods have elapsed, the data is destroyed or anonymized.

8 Rights You Can Exercise

Under the Private Sector Act, you have the right:

  • To access the personal information we hold about you.
  • To have inaccurate, incomplete or ambiguous information corrected.
  • To withdraw your consent to the processing of your data.
  • To have the dissemination of your data stopped or to request de-indexing in certain circumstances.
  • To obtain the portability of your data in a structured, commonly used and machine-readable format.

To exercise these rights, please contact our Data Protection Officer (section 2). We will respond within 30 days.

9 Cookies

Our website uses the following types of cookies:

  • WordPress session cookies: keep you logged in to your account.
  • WooCommerce cart cookies: retain the contents of your shopping cart during your visit.
  • Amelia booking cookies: retain your event selections while you are booking.
  • Functional cookies: display preferences (language, etc.).

We do not use advertising cookies or cross-site tracking. You can set your browser to block cookies; however, some features (such as the shopping cart and login) may then not be available.

10 Security

We take reasonable steps to protect your information:

  • Technical measures: secure connection (HTTPS) across the entire site, hashed passwords (never stored in plain text), a dedicated, append-only table for document signatures (proof integrity).
  • Administrative measures: access restricted to members of the administrative team who require it for their role.
  • Physical measures: any physical material containing information (rare) is kept in a secure location.

However, no method of electronic transmission or storage is completely secure.

11 Minors

Our Activities are restricted to people aged 18 or over. We do not knowingly collect information about minors.

12 Data Breach

In the event of a confidentiality incident that poses a risk of serious harm, Cordespace will notify the individuals concerned and the Commission d’accès à l’information du Québec, in accordance with the Private Sector Act, and will maintain a record of such incidents.

13 Amendments

We may amend this policy. The effective date will be updated and, in the event of a significant change, we will notify you by appropriate means.

14 Complaint

If you feel that your rights have not been respected, you can first contact our Data Protection Officer (section 2). You may also lodge a complaint with the Commission d’accès à l’information du Québec: www.cai.gouv.qc.ca.